Crimeware Toolkits - No Need to be an Expert Hacker to Use
Finjan Inc., a leading company providing secure Web gateway products, announced on September 5, 2007 that its SecureBrowsing has found a number of cases of use of crimeware toolkits - software packages of malicious code - that criminals employed in their activities in August 2007.
Finjan's SecureBrowsing is plugged into the browser to rate safety levels of URLs from search results, popular Websites and Web 2.0 sites. The company detected crimeware toolkits of ten different kinds in August 2007. Hackers sell these toolkits for just a few hundred dollars and which criminals use on the World Wide Web today.
This year August's crimeware toolkits are the MPack, IcePack, NeoSploit, MultiExploit, WebAttacker and WebAttacker2 toolkits, and also the new ones like vipcrypt, decrypt, random.js and makemelaugh.
Crimeware toolkits are in great demand these days, said Yuval Ben-Itvhak, Finjan's CTO in an interview. Information Week reported this on September 5, 2007. He said that anyone could obtain it for just a few hundred dollars to use it to infect and obtain data from users' computers. Such data usually includes personal information like usernames and passwords, which criminals exploit for them or sell it to other parties. Today, a cyber-criminal need not necessarily to be a specialist.
According to Finjan, just like legitimate software, distributors of malware toolkits also regularly update their programs by adding fresh exploits and anti-forensic mechanisms so that the crimeware toolkits continue to be effective and elude detection by conventional security solutions.
The toolkits are often designed to send back reports so that the hacker knows how many systems he has infected, what browsers are open on them, the locations of the machines, and what Trojan was planted on them.
Some of the malicious code software packages could be even open-source, where various malware writers contribute crimeware. These toolkits, unlike the commercial ones, do not cost money but have fewer features, said Ben-Itvhak. Finjan reported that with its SecureBrowsing technology, it has successfully managed to trace the use of MPack toolkit, which a group of 58 hackers in Russia used to infect 500,000 individual users in August 2007 alone, the security company said.
Related article: Crimeware Server Containing Stolen Data found in Argentina
» SPAMfighter News - 17-09-2007